CVE-2017-8511

Published: Jun 15, 2017Modified: May 13, 2026

7.8

Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8512, CVE-2017-0260, and CVE-2017-8506.

Affected (11)

Products: Microsoft: Office, Office Online Server, Office Web Apps, Office Web Apps Server, Powerpoint For Mac, Sharepoint Server

6 products

Office Web Apps Server

Powerpoint For Mac

Sharepoint Server

Configuration A

11 vulnerable

Vulnerable Software	Affected Versions
Microsoft Office	Version 2010 sp1
Microsoft Office	Version 2010 sp2
Microsoft Office	Version 2013 sp1
Microsoft Office	Version 2016
Microsoft Office Online Server	Version 2016
Microsoft Office Web Apps	Version 2010 sp2
Microsoft Office Web Apps Server	Version 2013 sp1
Microsoft Powerpoint For Mac	Version 2011
Microsoft Powerpoint For Mac	Version 2016
Microsoft Sharepoint Server	Version 2013 sp1
Microsoft Sharepoint Server	Version 2016

References (4)

http://www.securityfocus.com/bid/98815

Source: secure@microsoft.com

Third Party AdvisoryVDB Entry

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8511

Source: secure@microsoft.com

MitigationPatchVendor Advisory

http://www.securityfocus.com/bid/98815

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8511

Source: af854a3a-2127-422b-91ae-364da2661108

MitigationPatchVendor Advisory

Timeline

No history available yet.